policies:
  default:
    triggers:
    - appsec-default-log-trigger
    mode: detect-learn
    practices:
    - webapp-default-practice
    source-identifiers:
    trusted-sources:
    custom-response: appsec-default-web-user-response
    exceptions:
  specific-rules:
  - host: "*"
    triggers:
    - appsec-default-log-trigger
    mode: detect-learn
    practices:
    - webapp-default-practice
    source-identifiers:
    trusted-sources:
    custom-response: appsec-default-web-user-response
    exceptions:

practices:
  - name: webapp-default-practice
    openapi-schema-validation:
      configmap: []
      override-mode: detect-learn
    snort-signatures:
      configmap: []
      override-mode: detect-learn
    web-attacks:
      max-body-size-kb: 1000000
      max-header-size-bytes: 102400
      max-object-depth: 40
      max-url-size-bytes: 32768
      minimum-confidence: critical
      override-mode: detect-learn
      protections:
        csrf-protection: detect-learn
        error-disclosure: detect-learn
        non-valid-http-methods: true
        open-redirect: detect-learn
    anti-bot:
      injected-URIs: []
      validated-URIs: []
      override-mode: detect-learn

logtriggers:
  - name: appsec-default-log-trigger
    access-control-logging:
      allow-events: false
      drop-events: true
    additional-suspicious-events-logging:
      enabled: true
      minimum-severity: high
      response-body: false
    appsec-logging:
      all-web-requests: false
      detect-events: true
      prevent-events: true
    extended-logging:
      http-headers: false
      request-body: false
      url-path: false
      url-query: false
    log-destination:
      cloud: false
      file:
      stdout:
        format: json-formatted
      syslog-service:
      cef-service:

customresponses:
  - name: appsec-default-web-user-response
    mode: response-code-only
    http-response-code: 403
    message-title: This is the best title ever
    message-body: Look at this body

exceptions:
trustedsources:
sourceidentifiers: